What are the three basic attributes of information security?

There are three basic attributes of information security: 1. Confidentiality, which refers to the characteristic that information is not leaked to or used by unauthorized individuals and entities; 2. Integrity, which refers to the fact that information is stored, It maintains the characteristics of not being modified, delayed, out of order, and not lost during the process of transmission and extraction; 3. Availability refers to the characteristics that information can be accessed by legitimate users and used in the required order.

The operating environment of this tutorial: Windows 7 system, Dell G3 computer.

Information security (information security) involves information theory, computer science, cryptography and other aspects of knowledge. It studies the protection methods of information in computer systems and communication networks. It refers to the generation, transmission, use, and During the storage process, security protection is provided for information carriers (processing carriers, storage carriers, transmission carriers) and information processing, transmission, storage, and access to prevent data information content or capabilities from being illegally used or tampered with.

The main information security threats include passive attacks, active attacks, insider attacks and distribution attacks. The main information security technologies include cryptography technology, identity management technology, rights management technology, local computing environment security technology, and firewall technology. etc., the development of information security has gone through stages such as communication confidentiality, computer security, information security and information assurance.

Three basic attributes of information security

1. Confidentiality

Information confidentiality Also known as information confidentiality, it refers to the characteristic that information is not disclosed to or used by unauthorized individuals and entities. Confidentiality of information varies with how many people the information is allowed to access.

The information that can be accessed by all personnel is public information, and the information that needs to be restricted is generally sensitive information or secrets. Secrets can be divided into different confidentiality levels according to the importance of the information or confidentiality requirements. For example, the state imposes restrictions on secret leaks. Depending on the impact (consequences) on national economic and security interests, national secrets are divided into three levels: A (secret level), B (confidential level) and C (top secret level).

Secrets cannot be leaked to unauthorized users or used illegally. Even if unauthorized users obtain the information, they cannot know the content of the information. Confidentiality usually uses access control to prevent unauthorized users from obtaining confidential information, and encryption technology to prevent unauthorized users from learning the information content.

2. Integrity

Integrity means that the information remains unmodified, delayed, out of order and unobstructed during the storage, transmission and retrieval process. Lost properties. Generally, access control is used to prevent tampering, and information digest algorithms are used to check whether the information has been tampered with. Integrity is the characteristic that data cannot be changed without authorization. Its purpose is to ensure that the data on the information system is in a complete and undamaged state.

3. Availability

Information availability refers to the characteristics that information can be accessed by legitimate users and can be used in the required order, that is, the required information can be obtained when needed. information. Availability is a measure of the reliability of information resource service functions and performance, and is a requirement for the overall reliability of the information system. At present, there is no particularly effective method to ensure that the system and network can provide normal services except for backup and redundant configuration.

For more related knowledge, please visit the FAQ column!

The above is the detailed content of What are the three basic attributes of information security?. For more information, please follow other related articles on the PHP Chinese website!